Re: [openpgp] Fingerprints

On Wed, 2015-04-15 at 16:46 -0400, Phillip Hallam-Baker wrote: 
> The ni scheme I linked to does essentially that. What we are
> discussing here is essentially the same thing only with a slightly
> different syntax. It is not necessary to separate the algorithm ID
> from the fingerprint.
So in that ni scheme, is the algorithm id then hashed along with the
data?


> It isn't necessary. We just use the same trick Ken Thompson used to
> create UTF8.
Sure that's possible as well, but I think they only did this do be
compatible with ASCII... and it makes probably parsing a bit more
complex.

> I do not think it is at all likely we will exhaust the registry in our
> lifetime. Since Rivest proposed MD4 in 1990 we have had four hash
> algorithms that have been widely used, MD4, MD5, SHA-1 and SHA-2. If
> we continue at the same pace it will take a century before we get up
> to 16. And that is actually a pretty conservative estimate. Since 1995
> we have only had two algorithms.
Well... it's always difficult to predict the future... probably you're
right, but why making it not generic enough to be one the safe side if
we can.

As I've said, we've had that already plenty of times, that people
expected something to be never exhausted and then things came completely
different.
So one should perhaps learn from the past =)


Cheers,
Chris

smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp